Code: 
IPS
Duration: 
4 Day(s)

Overview

Given an example of Cisco's defence in depth, delegates will be taught how Cisco IPS protects network devices from attacks. Given an IPS sensor appliance, the delegates will learn to install the appliance in the network and initialise it. Delegates will also learn how to use IDS Device Manager (IDM) to configure basic sensor settings and to configure built-in signatures to meet the requirements of a given security policy. They will learn the functions of signature engines and their parameters and will understand how to use IDM to tune and create signatures to meet the requirements of a given security policy

Delegates will be taught how to use IDM to tune a sensor to work optimally in the network. They will also use the Monitoring Centre for Security and Cisco Threat Response to maximize alarm management efficiency. The course explains blocking concepts and how to use IDM to configure blocking for a given scenario. The delegates will be learn how to install both the NM-CIDS in a router and initialise it, install the module in a Cisco Catalyst 6500 Switch and initialise it using the switch to capture network traffic for intrusion prevention analysis. The delegates will also install and recover the sensor software image and perform service pack and signature updates and will also verify system configuration using the CLI and IDM

Skills Gained

After completing this course, delegates will be able to;

  • Installing an IPS sensor appliance in the Network and initialise it
  • Use IDM to configure built-in signatures to meet the requirements of a given security policy
  • Describe the functions of signature engines and their parameters and will use IDM to tune and create signatures
  • IDM will be used to tune a sensor to work optimally in the network and will use the Monitoring Centre for Security and Cisco Threat Response
  • Install both the NM-CIDS in a router and initialise it
  • Install and recover the sensor software image and perform service pack and signature updates

Prerequisites

Delegates who attend this advanced course must have experience in configuring Cisco IOS software and have met the following prerequisites;

  • Certification as a CCNA or the equivalent knowledge,
  • basic knowledge of the Windows operating system,
  • familiarity with the networking and security terms and concepts.

Course Specifics

Course Outline

  • Course Introduction
  • Security Fundamentals
  • Intrusion Prevention Overview
  • Getting Started with the IDS Command Line Interface
  • Using IDM Lesson 6:Basic Sensor Configuration
  • Cisco Intrusion Detection System Alarms and Signatures
  • Signature Engines
  • Signature Configuration
  • Sensor Tuning
  • Alarm Monitoring and Management
  • Blocking Configuration
  • Cisco Intrusion Detection System Network Module
  • Intrusion Detection System Module Configuration
  • Capturing Network Traffic for Intrusion Detection Systems
  • Sensor Maintenance
  • Verifying System Configuration

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.